Unrated severityNVD Advisory· Published Jun 6, 2011· Updated Apr 29, 2026
CVE-2011-0082
CVE-2011-0082
Description
The X.509 certificate validation functionality in Mozilla Firefox 4.0.x through 4.0.1 does not properly implement single-session security exceptions, which might make it easier for user-assisted remote attackers to spoof an SSL server via an untrusted certificate that triggers potentially unwanted local caching of documents from that server.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
15cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*+ 14 more
- cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*
- (no CPE)range: <=4.0.1
Patches
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- bugs.debian.org/cgi-bin/bugreport.cginvdExploit
- openwall.com/lists/oss-security/2011/05/31/14nvdExploit
- openwall.com/lists/oss-security/2011/05/31/18nvdExploit
- openwall.com/lists/oss-security/2011/05/31/4nvdExploit
- openwall.com/lists/oss-security/2011/05/31/9nvdExploit
- bugzilla.mozilla.org/show_bug.cginvdExploit
- bugzilla.redhat.com/show_bug.cginvdExploit
- www.securityfocus.com/bid/48064nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14145nvd
News mentions
0No linked articles in our index yet.